| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Transient DOS in Modem while processing invalid System Information Block 1. |
| Memory corruption in HAB Memory management due to broad system privileges via physical address. |
| Memory corruption in Automotive GPU while querying a gsl memory node. |
| Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal. |
| Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. |
| Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. |
| Information disclosure in Network Services due to buffer over-read while the device receives DNS response. |
| FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
|
An SQL Injection vulnerability in the Management Console (Operator Audit Trail) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database, recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system.
|
| NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering (commonly known as Secure Boot) contains a flaw which provides an opportunity for a sophisticated attack to bypass this protection. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. |
| User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for
SQL injections. |
| User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for
arbitrary code execution. |
| User provided input is not sanitized on the AXIS License Plate Verifier specific “api.cgi” allowing for
arbitrary code execution. |
|
Due to insufficient file permissions, unprivileged users could gain access to unencrypted administrator
credentials allowing the configuration of the application.
|
|
Due to insufficient file permissions, unprivileged users could gain access to unencrypted user credentials
that are used in the integration interface towards 3rd party systems.
|
